diff options
| author | Tsutomu Kuroda <t-kuroda@oiax.jp> | 2011-01-26 11:35:02 +0900 |
|---|---|---|
| committer | Santiago Pastorino <santiago@wyeworks.com> | 2011-02-09 18:35:15 -0200 |
| commit | ad31549ab3044afc336c05243481c0f663689584 (patch) | |
| tree | 9e4d9d735616559ada74f756a18bb4facfa2104c /activemodel/lib/active_model | |
| parent | 9d8fdfec38a145e3f5074fd8dc0216630c268e32 (diff) | |
| download | rails-ad31549ab3044afc336c05243481c0f663689584.tar.gz rails-ad31549ab3044afc336c05243481c0f663689584.tar.bz2 rails-ad31549ab3044afc336c05243481c0f663689584.zip | |
Override attributes_protected_by_default when has_secure_password is called.
attr_protected should not be called, because it nullifies the
mass assignment protection that has been set by attr_accessible.
Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
Diffstat (limited to 'activemodel/lib/active_model')
| -rw-r--r-- | activemodel/lib/active_model/secure_password.rb | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/activemodel/lib/active_model/secure_password.rb b/activemodel/lib/active_model/secure_password.rb index 7e8370a04c..957d0ddaaa 100644 --- a/activemodel/lib/active_model/secure_password.rb +++ b/activemodel/lib/active_model/secure_password.rb @@ -33,12 +33,16 @@ module ActiveModel attr_reader :password attr_accessor :password_confirmation - attr_protected(:password_digest) if respond_to?(:attr_protected) - validates_confirmation_of :password validates_presence_of :password_digest include InstanceMethodsOnActivation + + if respond_to?(:attributes_protected_by_default) + def self.attributes_protected_by_default + super + ['password_digest'] + end + end end end |